Add to favourites
News Local and Global in your language
17th of January 2018


Forget Aadhaar, your phone can reveal all your private details to hackers

What do you do when you buy a smartphone? Install Facebook and WhatsApp after the mandatory settings are put in place. While the next set of downloads involving third-party apps follows soon after, the catch is we rarely go through their permission policies. A closer look at the permission policy of one of the most commonly used applications such as Facebook, for instance, reveals that it asks for access to all of the subscriber’s contacts and information stored in the handset. Moreover, it also seeks to have access to the device camera and to make calls, without informing the user. While Facebook is a proprietary app, the rule remains the same for many third-party applications, whose origin and ownership remain unknown to most of us. At a time when data leaks from the Unique Identification Authority of India (UIDAI) — the body that maintains the Aadhaar data of over a billion Indians — are raising disturbing questions over the security of one’s personal information, breach of privacy can come from one’s handheld device. From biometric details such as fingerprints and retina scans to financial information such as credit card numbers and passwords — all may be up for sale if one’s handset is hacked. And while the possibility of a mobile hack was of little concern a few years ago, that is no longer the case now. The falling price of the International Mobile Subscriber Identity (IMSI)-catcher and a flurry of other malwares have now changed the tide against common users. IMSI, for example, is today widely used (by hackers) to identify a user of a mobile network, making analysts and experts jittery. While users of all types of mobile handsets can be targets of hacks, users of open operating systems such as Android, which comprise over 80 per cent of all mobile users globally and over 90 per cent in India, are most vulnerable. For example, the data used to identify iPhone users for touch ID and face ID is converted into mathematical representations that are encrypted and protected by the secure enclave feature on the phone, where it cannot be accessed by iOS (Apple operating system) or other apps. It is also not stored on Apple servers or backed up to iCloud, making it virtually impossible to leak private data. But there is no such security feature available to Android users, making them prone to data attacks. According to Gurpal Singh, senior market analyst, IDC, risks of data theft on mobile phones are growing exponentially. “Any information stored in the mobile phone can be accessed from a remote location. Once a malware or advanced virus gets into the system, it can copy and send all information to the hackers.

It can also enable the camera, forward text messages, redirect calls and send any files from the device, without the user even knowing about its activity,” he said.

Read More

Leave A Comment

More News

ABC News: Money

Reuters: Business News

L.A. Times - Business


NYT > Economy

Business - The Huffington

Home Page

Disclaimer and is not the owner of these news or any information published on this site.